External Attack Surface of Australia’s Largest Organisations

Tenable’s research reveals cyber hygiene issues within Australia’s largest organisations, including outdated software, weak encryption, and misconfigurations. Analysing 25 organisations, it found nearly 12,000 internet-facing assets per firm, with over 290,000 assets in total, that are potentially exploitable. Examples include outdated TLS 1.0 encryption and Log4J software, misuse of internal assets, and API vulnerabilities. These findings underline the scale of the cybersecurity architecture needed to secure sensitive data and maintain system integrity.